Staying Logged In Is Dangerous

In a survey conducted by IObit, it was found that a great many Internet users are still not behaving cautiously on the Internet. 30% of social media users opt to stay logged in, and 50% do not change their passwords. ProXPN is now taking this latest set of statistics and passing it on to warn Internet users of the dangers of leaving their accounts open and not changing their passwords. Mobiles are particularly vulnerable, and the new proXPN VPN iOS app is their latest effort to help people stay safe online.

IObit, computer maintenance software maker, surveyed over 10,000 people to see how cautious the average Internet user is. The results came as a surprise to them. It was expected that the multiple warnings from security experts would have hit a note with Internet users by now. Account hijacking and hacking is a very serious problem, yet it seems that Internet users are either not concerned or not yet aware of the severity of the danger.

What happens When Users Stay Logged In

ProXPN explains that to stay logged in, the website must store a cookie on the user’s computer. This cookie that identifies a user to the site as a legitimate account holder is only removed when that user logs off the site. Staying logged in means that the cookie stays active, giving hackers all the time they need to hijack it. They will take the cookie, inject malware into it, and send it on its way. This malware is designed to give the hacker access so they can impersonate the user at any time. Some may remember the notorious malware program Firesheep. Several years ago, Firesheep was used to steal information in this way from Wi-Fi networks. After the damage that Firesheep caused, users should really be more careful about inviting attackers with open accounts.

When a user stays logged in to an account, proXPN says that it is like an open invitation to hackers. They notice that the users are logged in but not actively using the account. This is the perfect opportunity to hijack the account and wreak havoc at the account owner’s expense. It is so convenient to not have to log in every time you visit your social media or email account. And most users still feel so safe when they are using a private network. The problem is that regardless of the network’s safety, the open account online is not protected.

What Hackers Can Do with a Hijacked Account

Staying logged in does not only pose a risk to the account holders. A hijacked account poses risks to all who are connected to that account. The point of hijacking an account is to manipulate the account holder’s contacts and anyone else they can reach through that account. Users need to realize that they are not only putting their own personal data and finances in jeopardy when they leave their accounts open for hackers.

Once an account is hijacked, the attacker can pose as the account holder any time they want. With this level of access, they can do anything that the account holder would be able to do on that account. They use this power to steal anything they can that can be accessed from the account, and to launch social engineering attacks on other users. Other users think that it is their trusted friend who is messaging them, inviting them to view links or asking them for help. This is very similar to the email scams that were very popular several years ago, and had so very many victims. Your identity is at risk, and hackers will use it to get anything they can.

Apart from leaving an account vulnerable to hijacking, staying logged in can give hackers access to the user’s computer or other devices used to access the account. Any data you have stored on your device is now open to the hacker. Any other accounts you have on the web that you have opted to stay logged into are similarly open. The hacker can get into your email and start another round of social engineering attacks. With email credentials, the hacker can quite easily get into any account opened using that email. Just a few password changes here and there and the thief has complete access.

Changing Passwords

The same IObit survey also revealed that 50% of users change their passwords only if they must, and 15% said they never change their passwords at all. As with staying logged in, the reason is convenience. Users are still choosing convenience over security, not knowing how serious the threat is. Most users will not even realize what crimes they have been accomplices to.

But security experts keep warning users that passwords are one of the most important security considerations. Passwords are the only barriers that protect user data stored on the Internet. Staying logged in is like not having a password at all. And users who stay logged in will be even less likely to ever change their passwords. Getting users to fully grasp what their complacency is leading up to is one main objective of security studies of this type.

ProXPN iOS App for Greater Online Privacy and Security

ProXPN is a leading VPN security provider dedicated to helping people stay safe on the Internet. ProXPN also maintains a firm stance on the importance of individual privacy online. Securing your Internet is the first step to keeping friends and family safe as well. For more information on proXPN and other VPN services, please read on to get the details on how a VPN connection can help you avoid getting hacked and being an accomplice to cybercrime.

ProXPN’s iOS app is the personal VPN for mobile devices. ProXPN can now be set up quickly and easily on devices running iOS with the recently released iOS app. The user can choose to stay with a free account, or upgrade to a premium account that has no bandwidth restrictions. The proXPN iOS VPN is simple to set up. Users can quickly download and install it from the Apple app store for free.
ProXPN now ensures iOS users easier and faster access on smartphones with the same levels of security that other proXPN users have always enjoyed. As a personal VPN, proXPN secures browsers and encrypts user data. It also encrypts traffic and makes their IPs anonymous to the public. This iOS app is highly recommended for public network browsing. The high level of security provided by the VPN technology ensures that the online activity, browser history, banking details, geographical tracking, online messages and passwords cannot be intercepted.